source: TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/wsgi/saml/attribute-interface.ini @ 7077

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg-security/TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/unit/wsgi/saml/attribute-interface.ini@7077
Revision 7077, 3.1 KB checked in by pjkersha, 11 years ago (diff)
  • Property svn:keywords set to Id
Line 
1#
2# SSL Client AuthN WSGI Testing environment configuration
3#
4# The %(here)s variable will be replaced with the parent directory of this file
5#
6[DEFAULT]
7testConfigDir = ../../../config
8port = 5000
9baseURI = localhost:%(port)s
10
11[server:main]
12use = egg:Paste#http
13host = 0.0.0.0
14port = %(port)s
15
16[pipeline:main]
17pipeline = AttributeAuthorityFilter SAMLSoapAttributeInterfaceFilter TestApp
18
19[app:TestApp]
20paste.app_factory = ndg.security.test.unit.wsgi.saml:TestApp
21
22[filter:SAMLSoapAttributeInterfaceFilter]
23paste.filter_app_factory = ndg.security.server.wsgi.saml:SOAPQueryInterfaceMiddleware.filter_app_factory
24prefix = saml.
25saml.pathMatchList = /attributeauthority/saml
26saml.queryInterfaceKeyName = attributeQueryInterface
27saml.deserialise = ndg.saml.xml.etree:AttributeQueryElementTree.fromXML
28
29# Specialisation to incorporate ESG Group/Role type
30saml.serialise = ndg.security.common.saml_utils.esg.xml.etree:EsgResponseElementTree.toXML
31
32#______________________________________________________________________________
33# Attribute Authority WSGI settings
34#
35[filter:AttributeAuthorityFilter]
36# This filter is a container for a binding to a SOAP based interface to the
37# Attribute Authority
38paste.filter_app_factory = ndg.security.server.wsgi.attributeauthority:AttributeAuthorityMiddleware.filter_app_factory
39
40prefix = attributeAuthority.
41
42attributeAuthority.environKeyName: attributeauthority
43attributeAuthority.environKeyNameAttributeQueryInterface: attributeQueryInterface
44
45# Attribute Authority settings
46# 'name' setting MUST agree with map config file 'thisHost' name attribute
47attributeAuthority.name: Site A
48
49# Lifetime is measured in seconds
50attributeAuthority.attCertLifetime: 28800 
51
52# Allow an offset for clock skew between servers running
53# security services. NB, measured in seconds - use a minus sign for time in the
54# past
55attributeAuthority.attCertNotBeforeOff: 0
56
57# All Attribute Certificates issued are recorded in this dir
58attributeAuthority.attCertDir: %(testConfigDir)s/attributeauthority/sitea/attributeCertificateLog
59
60# Files in attCertDir are stored using a rotating file handler
61# attCertFileLogCnt sets the max number of files created before the first is
62# overwritten
63attributeAuthority.attCertFileName: ac.xml
64attributeAuthority.attCertFileLogCnt: 16
65attributeAuthority.dnSeparator:/
66
67# Location of role mapping file
68attributeAuthority.mapConfigFilePath: %(testConfigDir)s/attributeauthority/sitea/siteAMapConfig.xml
69
70# Settings for custom AttributeInterface derived class to get user roles for given
71# user ID
72attributeAuthority.attributeInterface.modFilePath: %(testConfigDir)s/attributeauthority/sitea
73attributeAuthority.attributeInterface.modName: ndg.security.test.config.attributeauthority.sitea.siteAUserRoles
74attributeAuthority.attributeInterface.className: TestUserRoles
75
76# Config for XML signature of Attribute Certificate
77attributeAuthority.signingPriKeyFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.key
78attributeAuthority.signingCertFilePath: %(testConfigDir)s/attributeauthority/sitea/siteA-aa.crt
79attributeAuthority.caCertFilePathList: %(testConfigDir)s/ca/ndg-test-ca.crt
Note: See TracBrowser for help on using the repository browser.